Don't leak interface name via multicast, ensure zone is always correct when dialling link-local

src/yggdrasil/multicast.go

@@ -166,6 +166,7 @@ func (m *multicast) announce() {
 				// Get the listener details and construct the multicast beacon
 				lladdr := listener.listener.Addr().String()
 				if a, err := net.ResolveTCPAddr("tcp6", lladdr); err == nil {
+					a.Zone = ""
 					destAddr.Zone = iface.Name
 					msg := []byte(a.String())
 					m.sock.WriteTo(msg, nil, destAddr)
@@ -208,8 +209,9 @@ func (m *multicast) listen() {
 		if addr.IP.String() != from.IP.String() {
 			continue
 		}
-		addr.Zone = from.Zone
-		saddr := addr.String()
-		m.core.link.call("tcp://"+saddr, addr.Zone)
+		addr.Zone = ""
+		if err := m.core.link.call("tcp://"+addr.String(), from.Zone); err != nil {
+			m.core.log.Debugln("Call from multicast failed:", err)
+		}
 	}
 }

src/yggdrasil/tcp.go

@@ -259,6 +259,16 @@ func (t *tcp) call(saddr string, options interface{}, sintf string) {
 			}
 			t.handler(conn, false, dialerdst.String())
 		} else {
+			dst, err := net.ResolveTCPAddr("tcp", saddr)
+			if err != nil {
+				return
+			}
+			if dst.IP.IsLinkLocalUnicast() {
+				dst.Zone = sintf
+				if dst.Zone == "" {
+					return
+				}
+			}
 			dialer := net.Dialer{
 				Control: t.tcpContext,
 			}
@@ -272,10 +282,6 @@ func (t *tcp) call(saddr string, options interface{}, sintf string) {
 				}
 				addrs, err := ief.Addrs()
 				if err == nil {
-					dst, err := net.ResolveTCPAddr("tcp", saddr)
-					if err != nil {
-						return
-					}
 					for addrindex, addr := range addrs {
 						src, _, err := net.ParseCIDR(addr.String())
 						if err != nil {
@@ -309,9 +315,9 @@ func (t *tcp) call(saddr string, options interface{}, sintf string) {
 					}
 				}
 			}
-
-			conn, err = dialer.Dial("tcp", saddr)
+			conn, err = dialer.Dial("tcp", dst.String())
 			if err != nil {
+				t.link.core.log.Debugln("Failed to dial TCP:", err)
 				return
 			}
 			t.handler(conn, false, nil)